ReactOS 0.4.16-dev-1165-g40721f4
Macros | Functions | Variables
procsup.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
#include <mm/ARM3/miarm.h>
Include dependency graph for procsup.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define MODULE_INVOLVED_IN_ARM3
 

Functions

NTSTATUS NTAPI MiCreatePebOrTeb (IN PEPROCESS Process, IN ULONG Size, OUT PULONG_PTR BaseAddress)
 
VOID NTAPI MmDeleteTeb (IN PEPROCESS Process, IN PTEB Teb)
 
VOID NTAPI MmDeleteKernelStack (IN PVOID StackBase, IN BOOLEAN GuiStack)
 
PVOID NTAPI MmCreateKernelStack (IN BOOLEAN GuiStack, IN UCHAR Node)
 
NTSTATUS NTAPI MmGrowKernelStackEx (IN PVOID StackPointer, IN ULONG GrowSize)
 
NTSTATUS NTAPI MmGrowKernelStack (IN PVOID StackPointer)
 
NTSTATUS NTAPI MmSetMemoryPriorityProcess (IN PEPROCESS Process, IN UCHAR MemoryPriority)
 
NTSTATUS NTAPI MmCreatePeb (IN PEPROCESS Process, IN PINITIAL_PEB InitialPeb, OUT PPEB *BasePeb)
 
NTSTATUS NTAPI MmCreateTeb (IN PEPROCESS Process, IN PCLIENT_ID ClientId, IN PINITIAL_TEB InitialTeb, OUT PTEB *BaseTeb)
 
NTSTATUS NTAPI MmInitializeProcessAddressSpace (IN PEPROCESS Process, IN PEPROCESS ProcessClone OPTIONAL, IN PVOID Section OPTIONAL, IN OUT PULONG Flags, IN POBJECT_NAME_INFORMATION *AuditName OPTIONAL)
 
NTSTATUS NTAPI MmInitializeHandBuiltProcess (IN PEPROCESS Process, IN PULONG_PTR DirectoryTableBase)
 
NTSTATUS NTAPI MmInitializeHandBuiltProcess2 (IN PEPROCESS Process)
 
BOOLEAN NTAPI MmCreateProcessAddressSpace (IN ULONG MinWs, IN PEPROCESS Process, OUT PULONG_PTR DirectoryTableBase)
 
VOID NTAPI MmCleanProcessAddressSpace (IN PEPROCESS Process)
 
VOID NTAPI MmDeleteProcessAddressSpace (IN PEPROCESS Process)
 
NTSTATUS NTAPI NtAllocateUserPhysicalPages (IN HANDLE ProcessHandle, IN OUT PULONG_PTR NumberOfPages, IN OUT PULONG_PTR UserPfnArray)
 
NTSTATUS NTAPI NtMapUserPhysicalPages (IN PVOID VirtualAddresses, IN ULONG_PTR NumberOfPages, IN OUT PULONG_PTR UserPfnArray)
 
NTSTATUS NTAPI NtMapUserPhysicalPagesScatter (IN PVOID *VirtualAddresses, IN ULONG_PTR NumberOfPages, IN OUT PULONG_PTR UserPfnArray)
 
NTSTATUS NTAPI NtFreeUserPhysicalPages (IN HANDLE ProcessHandle, IN OUT PULONG_PTR NumberOfPages, IN OUT PULONG_PTR UserPfnArray)
 

Variables

ULONG MmProcessColorSeed = 0x12345678
 
ULONG MmMaximumDeadKernelStacks = 5
 
SLIST_HEADER MmDeadStackSListHead
 
ULONG MmRotatingUniprocessorNumber = 0
 

Macro Definition Documentation

◆ MODULE_INVOLVED_IN_ARM3

#define MODULE_INVOLVED_IN_ARM3

Definition at line 15 of file procsup.c.

◆ NDEBUG

#define NDEBUG

Definition at line 12 of file procsup.c.

Function Documentation

◆ MiCreatePebOrTeb()

NTSTATUS NTAPI MiCreatePebOrTeb ( IN PEPROCESS  Process,
IN ULONG  Size,
OUT PULONG_PTR  BaseAddress 
)

Definition at line 29 of file procsup.c.

32{
33 PMMVAD_LONG Vad;
34 NTSTATUS Status;
35 ULONG_PTR HighestAddress, RandomBase;
36 ULONG AlignedSize;
37 LARGE_INTEGER CurrentTime;
38
39 Status = PsChargeProcessNonPagedPoolQuota(Process, sizeof(MMVAD_LONG));
40 if (!NT_SUCCESS(Status))
41 return Status;
42
43 /* Allocate a VAD */
44 Vad = ExAllocatePoolWithTag(NonPagedPool, sizeof(MMVAD_LONG), 'ldaV');
45 if (!Vad)
46 {
47 Status = STATUS_NO_MEMORY;
48 goto FailPath;
49 }
50
51 /* Setup the primary flags with the size, and make it commited, private, RW */
52 Vad->u.LongFlags = 0;
53 Vad->u.VadFlags.CommitCharge = BYTES_TO_PAGES(Size);
54 Vad->u.VadFlags.MemCommit = TRUE;
55 Vad->u.VadFlags.PrivateMemory = TRUE;
56 Vad->u.VadFlags.Protection = MM_READWRITE;
57 Vad->u.VadFlags.NoChange = TRUE;
58 Vad->u1.Parent = NULL;
59
60 /* Setup the secondary flags to make it a secured, writable, long VAD */
61 Vad->u2.LongFlags2 = 0;
62 Vad->u2.VadFlags2.OneSecured = TRUE;
63 Vad->u2.VadFlags2.LongVad = TRUE;
64 Vad->u2.VadFlags2.ReadOnly = FALSE;
65
66 Vad->ControlArea = NULL; // For Memory-Area hack
67 Vad->FirstPrototypePte = NULL;
68
69 /* Check if this is a PEB creation */
70 ASSERT(sizeof(TEB) != sizeof(PEB));
71 if (Size == sizeof(PEB))
72 {
73 /* Create a random value to select one page in a 64k region */
74 KeQueryTickCount(&CurrentTime);
75 CurrentTime.LowPart &= (_64K / PAGE_SIZE) - 1;
76
77 /* Calculate a random base address */
78 RandomBase = (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS + 1;
79 RandomBase -= CurrentTime.LowPart << PAGE_SHIFT;
80
81 /* Make sure the base address is not too high */
82 AlignedSize = ROUND_TO_PAGES(Size);
83 if ((RandomBase + AlignedSize) > (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS + 1)
84 {
85 RandomBase = (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS + 1 - AlignedSize;
86 }
87
88 /* Calculate the highest allowed address */
89 HighestAddress = RandomBase + AlignedSize - 1;
90 }
91 else
92 {
93 HighestAddress = (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS;
94 }
95
96 *BaseAddress = 0;
97 Status = MiInsertVadEx((PMMVAD)Vad,
98 BaseAddress,
99 Size,
100 HighestAddress,
101 PAGE_SIZE,
102 MEM_TOP_DOWN);
103 if (!NT_SUCCESS(Status))
104 {
105 ExFreePoolWithTag(Vad, 'ldaV');
106 Status = STATUS_NO_MEMORY;
107 goto FailPath;
108 }
109
110
111 /* Success */
112 return STATUS_SUCCESS;
113
114FailPath:
115 PsReturnProcessNonPagedPoolQuota(Process, sizeof(MMVAD_LONG));
116
117 return Status;
118}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
MM_READWRITE
#define MM_READWRITE
Definition: bootanim.c:19
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: d3dkmdt.h:51
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
PAGE_SIZE
#define PAGE_SIZE
Definition: env_spec_w32.h:49
PAGE_SHIFT
#define PAGE_SHIFT
Definition: env_spec_w32.h:45
NonPagedPool
#define NonPagedPool
Definition: env_spec_w32.h:307
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
Status
Status
Definition: gdiplustypes.h:25
_64K
#define _64K
Definition: miarm.h:23
MiInsertVadEx
NTSTATUS NTAPI MiInsertVadEx(_Inout_ PMMVAD Vad, _In_ ULONG_PTR *BaseAddress, _In_ SIZE_T ViewSize, _In_ ULONG_PTR HighestAddress, _In_ ULONG_PTR Alignment, _In_ ULONG AllocationType)
Definition: vadnode.c:245
ASSERT
#define ASSERT(a)
Definition: mode.c:44
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
BaseAddress
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
MEM_TOP_DOWN
#define MEM_TOP_DOWN
Definition: nt_native.h:1321
MM_HIGHEST_VAD_ADDRESS
#define MM_HIGHEST_VAD_ADDRESS
Definition: mm.h:46
PsChargeProcessNonPagedPoolQuota
NTSTATUS NTAPI PsChargeProcessNonPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Charges the non paged pool quota of a given process.
Definition: quota.c:811
PsReturnProcessNonPagedPoolQuota
VOID NTAPI PsReturnProcessNonPagedPoolQuota(_In_ PEPROCESS Process, _In_ SIZE_T Amount)
Returns the non paged quota pool that the process was taking up.
Definition: quota.c:938
KeQueryTickCount
#define KeQueryTickCount(CurrentCount)
Definition: ke.h:43
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_MMVAD_FLAGS2::ReadOnly
ULONG ReadOnly
Definition: mmtypes.h:710
_MMVAD_FLAGS2::OneSecured
ULONG OneSecured
Definition: mmtypes.h:708
_MMVAD_FLAGS2::LongVad
ULONG LongVad
Definition: mmtypes.h:711
_MMVAD_FLAGS::NoChange
ULONG_PTR NoChange
Definition: mmtypes.h:693
_MMVAD_FLAGS::MemCommit
ULONG_PTR MemCommit
Definition: mmtypes.h:695
_MMVAD_FLAGS::Protection
ULONG_PTR Protection
Definition: mmtypes.h:696
_MMVAD_FLAGS::CommitCharge
ULONG_PTR CommitCharge
Definition: mmtypes.h:691
_MMVAD_FLAGS::PrivateMemory
ULONG_PTR PrivateMemory
Definition: mmtypes.h:698
_MMVAD_LONG
Definition: mmtypes.h:750
_MMVAD_LONG::FirstPrototypePte
PMMPTE FirstPrototypePte
Definition: mmtypes.h:766
_MMVAD_LONG::VadFlags
MMVAD_FLAGS VadFlags
Definition: mmtypes.h:763
_MMVAD_LONG::u2
union _MMVAD_LONG::@2716 u2
_MMVAD_LONG::u1
union _MMVAD_LONG::@2714 u1
_MMVAD_LONG::LongFlags
ULONG_PTR LongFlags
Definition: mmtypes.h:762
_MMVAD_LONG::u
union _MMVAD_LONG::@2715 u
_MMVAD_LONG::ControlArea
PCONTROL_AREA ControlArea
Definition: mmtypes.h:765
_MMVAD_LONG::Parent
PMMVAD Parent
Definition: mmtypes.h:754
_MMVAD_LONG::LongFlags2
ULONG LongFlags2
Definition: mmtypes.h:770
_MMVAD_LONG::VadFlags2
MMVAD_FLAGS2 VadFlags2
Definition: mmtypes.h:771
_MMVAD
Definition: mmtypes.h:721
_PEB
Definition: btrfs_drv.h:1907
_TEB
Definition: compat.h:836
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
_LARGE_INTEGER
Definition: typedefs.h:103
_LARGE_INTEGER::LowPart
ULONG LowPart
Definition: typedefs.h:106
Size
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
ROUND_TO_PAGES
#define ROUND_TO_PAGES(Size)
BYTES_TO_PAGES
#define BYTES_TO_PAGES(Size)

Referenced by MmCreatePeb(), and MmCreateTeb().

◆ MmCleanProcessAddressSpace()

VOID NTAPI MmCleanProcessAddressSpace ( IN PEPROCESS  Process)

Definition at line 1263 of file procsup.c.

1264{
1265 PMMVAD Vad;
1266 PMM_AVL_TABLE VadTree;
1267 PETHREAD Thread = PsGetCurrentThread();
1268
1269 /* Remove from the session */
1270 MiSessionRemoveProcess();
1271
1272 /* Abort early, when the address space wasn't fully initialized */
1273 if (Process->AddressSpaceInitialized < 2)
1274 {
1275 DPRINT1("Incomplete address space for Process %p. Might leak resources.\n",
1276 Process);
1277 return;
1278 }
1279
1280 /* Lock the process address space from changes */
1281 MmLockAddressSpace(&Process->Vm);
1282 MiLockProcessWorkingSetUnsafe(Process, Thread);
1283
1284 /* VM is deleted now */
1285 Process->VmDeleted = TRUE;
1286 MiUnlockProcessWorkingSetUnsafe(Process, Thread);
1287
1288 /* Enumerate the VADs */
1289 VadTree = &Process->VadRoot;
1290 while (VadTree->NumberGenericTableElements)
1291 {
1292 /* Grab the current VAD */
1293 Vad = (PMMVAD)VadTree->BalancedRoot.RightChild;
1294
1295 /* Check for old-style memory areas */
1296 if (MI_IS_MEMORY_AREA_VAD(Vad))
1297 {
1298 /* We do not expect ARM3 memory areas here, those are kernel only */
1299 ASSERT(MI_IS_ROSMM_VAD(Vad));
1300
1301 /* Let RosMm handle this */
1302 MiRosCleanupMemoryArea(Process, Vad);
1303 continue;
1304 }
1305
1306 /* Lock the working set */
1307 MiLockProcessWorkingSetUnsafe(Process, Thread);
1308
1309 /* Remove this VAD from the tree */
1310 ASSERT(VadTree->NumberGenericTableElements >= 1);
1311 MiRemoveNode((PMMADDRESS_NODE)Vad, VadTree);
1312
1313 /* Only regular VADs supported for now */
1314 ASSERT(Vad->u.VadFlags.VadType == VadNone);
1315
1316 /* Check if this is a section VAD */
1317 if (!(Vad->u.VadFlags.PrivateMemory) && (Vad->ControlArea))
1318 {
1319 /* Remove the view */
1320 MiRemoveMappedView(Process, Vad);
1321 }
1322 else
1323 {
1324 /* Delete the addresses */
1325 MiDeleteVirtualAddresses(Vad->StartingVpn << PAGE_SHIFT,
1326 (Vad->EndingVpn << PAGE_SHIFT) | (PAGE_SIZE - 1),
1327 Vad);
1328
1329 /* Release the working set */
1330 MiUnlockProcessWorkingSetUnsafe(Process, Thread);
1331 }
1332
1333 /* Free the VAD memory */
1334 ExFreePool(Vad);
1335
1336 /* Return the quota the VAD used */
1337 PsReturnProcessNonPagedPoolQuota(Process, sizeof(MMVAD_LONG));
1338 }
1339
1340 /* Lock the working set */
1341 MiLockProcessWorkingSetUnsafe(Process, Thread);
1342 ASSERT(Process->CloneRoot == NULL);
1343 ASSERT(Process->PhysicalVadRoot == NULL);
1344
1345 /* Delete the shared user data section */
1346 MiDeleteVirtualAddresses(USER_SHARED_DATA, USER_SHARED_DATA, NULL);
1347
1348 /* Release the working set */
1349 MiUnlockProcessWorkingSetUnsafe(Process, Thread);
1350
1351 /* Release the address space */
1352 MmUnlockAddressSpace(&Process->Vm);
1353}
DPRINT1
#define DPRINT1
Definition: precomp.h:8
PsGetCurrentThread
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
Thread
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
USER_SHARED_DATA
#define USER_SHARED_DATA
Definition: pstypes.h:51
if
if(dx< 0)
Definition: linetemp.h:194
MiRemoveNode
VOID NTAPI MiRemoveNode(IN PMMADDRESS_NODE Node, IN PMM_AVL_TABLE Table)
Definition: vadnode.c:403
MiRemoveMappedView
VOID NTAPI MiRemoveMappedView(IN PEPROCESS CurrentProcess, IN PMMVAD Vad)
Definition: section.c:766
MiUnlockProcessWorkingSetUnsafe
FORCEINLINE VOID MiUnlockProcessWorkingSetUnsafe(IN PEPROCESS Process, IN PETHREAD Thread)
Definition: miarm.h:1242
MiSessionRemoveProcess
VOID NTAPI MiSessionRemoveProcess(VOID)
Definition: session.c:392
MiDeleteVirtualAddresses
VOID NTAPI MiDeleteVirtualAddresses(_In_ ULONG_PTR Va, _In_ ULONG_PTR EndingAddress, _In_opt_ PMMVAD Vad)
Definition: virtual.c:530
MiLockProcessWorkingSetUnsafe
FORCEINLINE VOID MiLockProcessWorkingSetUnsafe(IN PEPROCESS Process, IN PETHREAD Thread)
Definition: miarm.h:1172
VadNone
@ VadNone
Definition: mmtypes.h:204
PMMVAD
struct _MMVAD * PMMVAD
MmLockAddressSpace
FORCEINLINE VOID MmLockAddressSpace(PMMSUPPORT AddressSpace)
Definition: mm.h:1696
MiRosCleanupMemoryArea
VOID NTAPI MiRosCleanupMemoryArea(PEPROCESS Process, PMMVAD Vad)
Definition: marea.c:493
MmUnlockAddressSpace
FORCEINLINE VOID MmUnlockAddressSpace(PMMSUPPORT AddressSpace)
Definition: mm.h:1709
MI_IS_MEMORY_AREA_VAD
#define MI_IS_MEMORY_AREA_VAD(Vad)
Definition: mm.h:272
MI_IS_ROSMM_VAD
#define MI_IS_ROSMM_VAD(Vad)
Definition: mm.h:274
_ETHREAD
Definition: pstypes.h:1103
_MMADDRESS_NODE
Definition: mmtypes.h:645
_MMADDRESS_NODE::RightChild
struct _MMADDRESS_NODE * RightChild
Definition: mmtypes.h:652
_MMVAD_FLAGS::VadType
ULONG_PTR VadType
Definition: mmtypes.h:694
_MMVAD::EndingVpn
ULONG_PTR EndingVpn
Definition: mmtypes.h:730
_MMVAD::ControlArea
PCONTROL_AREA ControlArea
Definition: mmtypes.h:736
_MMVAD::StartingVpn
ULONG_PTR StartingVpn
Definition: mmtypes.h:729
_MMVAD::u
union _MMVAD::@2712 u
_MMVAD::VadFlags
MMVAD_FLAGS VadFlags
Definition: mmtypes.h:734
_MM_AVL_TABLE
Definition: mmtypes.h:661
_MM_AVL_TABLE::NumberGenericTableElements
ULONG_PTR NumberGenericTableElements
Definition: mmtypes.h:668
_MM_AVL_TABLE::BalancedRoot
MMADDRESS_NODE BalancedRoot
Definition: mmtypes.h:662

Referenced by PspExitProcess(), and PspExitThread().

◆ MmCreateKernelStack()

PVOID NTAPI MmCreateKernelStack ( IN BOOLEAN  GuiStack,
IN UCHAR  Node 
)

Definition at line 276 of file procsup.c.

278{
279 PFN_COUNT StackPtes, StackPages;
280 PMMPTE PointerPte, StackPte;
281 PVOID BaseAddress;
282 MMPTE TempPte, InvalidPte;
283 KIRQL OldIrql;
284 PFN_NUMBER PageFrameIndex;
285 ULONG i;
286 PSLIST_ENTRY SListEntry;
287
288 //
289 // Calculate pages needed
290 //
291 if (GuiStack)
292 {
293 //
294 // We'll allocate 64KB stack, but only commit 12K
295 //
296 StackPtes = BYTES_TO_PAGES(MmLargeStackSize);
297 StackPages = BYTES_TO_PAGES(KERNEL_LARGE_STACK_COMMIT);
298 }
299 else
300 {
301 //
302 // If the dead stack S-LIST has a stack on it, use it instead of allocating
303 // new system PTEs for this stack
304 //
305 if (ExQueryDepthSList(&MmDeadStackSListHead))
306 {
307 SListEntry = InterlockedPopEntrySList(&MmDeadStackSListHead);
308 if (SListEntry != NULL)
309 {
310 BaseAddress = (SListEntry + 1);
311 return BaseAddress;
312 }
313 }
314
315 //
316 // We'll allocate 12K and that's it
317 //
318 StackPtes = BYTES_TO_PAGES(KERNEL_STACK_SIZE);
319 StackPages = StackPtes;
320 }
321
322 //
323 // Reserve stack pages, plus a guard page
324 //
325 StackPte = MiReserveSystemPtes(StackPtes + 1, SystemPteSpace);
326 if (!StackPte) return NULL;
327
328 //
329 // Get the stack address
330 //
331 BaseAddress = MiPteToAddress(StackPte + StackPtes + 1);
332
333 //
334 // Select the right PTE address where we actually start committing pages
335 //
336 PointerPte = StackPte;
337 if (GuiStack) PointerPte += BYTES_TO_PAGES(MmLargeStackSize -
338 KERNEL_LARGE_STACK_COMMIT);
339
340
341 /* Setup the temporary invalid PTE */
342 MI_MAKE_SOFTWARE_PTE(&InvalidPte, MM_NOACCESS);
343
344 /* Setup the template stack PTE */
345 MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte, PointerPte + 1, MM_READWRITE, 0);
346
347 //
348 // Acquire the PFN DB lock
349 //
350 OldIrql = MiAcquirePfnLock();
351
352 //
353 // Loop each stack page
354 //
355 for (i = 0; i < StackPages; i++)
356 {
357 //
358 // Next PTE
359 //
360 PointerPte++;
361
362 /* Get a page and write the current invalid PTE */
363 MI_SET_USAGE(MI_USAGE_KERNEL_STACK);
364 MI_SET_PROCESS2(PsGetCurrentProcess()->ImageFileName);
365 PageFrameIndex = MiRemoveAnyPage(MI_GET_NEXT_COLOR());
366 MI_WRITE_INVALID_PTE(PointerPte, InvalidPte);
367
368 /* Initialize the PFN entry for this page */
369 MiInitializePfn(PageFrameIndex, PointerPte, 1);
370
371 /* Write the valid PTE */
372 TempPte.u.Hard.PageFrameNumber = PageFrameIndex;
373 MI_WRITE_VALID_PTE(PointerPte, TempPte);
374 }
375
376 //
377 // Release the PFN lock
378 //
379 MiReleasePfnLock(OldIrql);
380
381 //
382 // Return the stack address
383 //
384 return BaseAddress;
385}
PFN_NUMBER
ULONG_PTR PFN_NUMBER
Definition: NtCreateProfile.c:11
TempPte
HARDWARE_PTE_ARMV6 TempPte
Definition: winldr.c:76
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
SystemPteSpace
@ SystemPteSpace
Definition: miarm.h:407
MI_GET_NEXT_COLOR
#define MI_GET_NEXT_COLOR()
Definition: miarm.h:236
MiRemoveAnyPage
PFN_NUMBER NTAPI MiRemoveAnyPage(IN ULONG Color)
Definition: pfnlist.c:477
MI_MAKE_SOFTWARE_PTE
#define MI_MAKE_SOFTWARE_PTE(p, x)
Definition: miarm.h:203
MI_MAKE_HARDWARE_PTE_KERNEL
FORCEINLINE VOID MI_MAKE_HARDWARE_PTE_KERNEL(IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
Definition: miarm.h:777
MI_WRITE_INVALID_PTE
FORCEINLINE VOID MI_WRITE_INVALID_PTE(IN PMMPTE PointerPte, IN MMPTE InvalidPte)
Definition: miarm.h:996
MiReserveSystemPtes
PMMPTE NTAPI MiReserveSystemPtes(IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
Definition: syspte.c:246
MM_NOACCESS
#define MM_NOACCESS
Definition: miarm.h:65
MmLargeStackSize
ULONG MmLargeStackSize
Definition: mminit.c:262
MI_WRITE_VALID_PTE
FORCEINLINE VOID MI_WRITE_VALID_PTE(IN PMMPTE PointerPte, IN MMPTE TempPte)
Definition: miarm.h:963
MiInitializePfn
VOID NTAPI MiInitializePfn(IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN BOOLEAN Modified)
Definition: pfnlist.c:970
MiPteToAddress
#define MiPteToAddress(_Pte)
Definition: mm.h:116
MI_SET_PROCESS2
#define MI_SET_PROCESS2(x)
Definition: mm.h:330
MI_USAGE_KERNEL_STACK
@ MI_USAGE_KERNEL_STACK
Definition: mm.h:339
MI_SET_USAGE
#define MI_SET_USAGE(x)
Definition: mm.h:328
MmDeadStackSListHead
SLIST_HEADER MmDeadStackSListHead
Definition: procsup.c:22
KERNEL_STACK_SIZE
#define KERNEL_STACK_SIZE
KERNEL_LARGE_STACK_COMMIT
#define KERNEL_LARGE_STACK_COMMIT
_HARDWARE_PTE_ARMV6::PageFrameNumber
ULONG PageFrameNumber
Definition: mmtypes.h:109
_MMPTE
Definition: mmtypes.h:212
ExQueryDepthSList
FORCEINLINE USHORT ExQueryDepthSList(_In_ PSLIST_HEADER SListHead)
Definition: exfuncs.h:153
OldIrql
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:778
PFN_COUNT
ULONG PFN_COUNT
Definition: mmtypes.h:102
PsGetCurrentProcess
#define PsGetCurrentProcess
Definition: psfuncs.h:17
InterlockedPopEntrySList
#define InterlockedPopEntrySList(SListHead)
Definition: rtlfuncs.h:3409
PSLIST_ENTRY
#define PSLIST_ENTRY
Definition: rtltypes.h:134

◆ MmCreatePeb()

NTSTATUS NTAPI MmCreatePeb ( IN PEPROCESS  Process,
IN PINITIAL_PEB  InitialPeb,
OUT PPEB BasePeb 
)

Definition at line 518 of file procsup.c.

521{
522 PPEB Peb = NULL;
523 LARGE_INTEGER SectionOffset;
524 SIZE_T ViewSize = 0;
525 PVOID TableBase = NULL;
526 PIMAGE_NT_HEADERS NtHeaders;
527 PIMAGE_LOAD_CONFIG_DIRECTORY ImageConfigData;
528 NTSTATUS Status;
529 USHORT Characteristics;
530 SectionOffset.QuadPart = (ULONGLONG)0;
531 *BasePeb = NULL;
532
533 //
534 // Attach to Process
535 //
536 KeAttachProcess(&Process->Pcb);
537
538 //
539 // Map NLS Tables
540 //
541 Status = MmMapViewOfSection(ExpNlsSectionPointer,
542 (PEPROCESS)Process,
543 &TableBase,
544 0,
545 0,
546 &SectionOffset,
547 &ViewSize,
548 ViewShare,
549 MEM_TOP_DOWN,
550 PAGE_READONLY);
551 DPRINT("NLS Tables at: %p\n", TableBase);
552 if (!NT_SUCCESS(Status))
553 {
554 /* Cleanup and exit */
555 KeDetachProcess();
556 return Status;
557 }
558
559 //
560 // Allocate the PEB
561 //
562 Status = MiCreatePebOrTeb(Process, sizeof(PEB), (PULONG_PTR)&Peb);
563 DPRINT("PEB at: %p\n", Peb);
564 if (!NT_SUCCESS(Status))
565 {
566 /* Cleanup and exit */
567 KeDetachProcess();
568 return Status;
569 }
570
571 //
572 // Use SEH in case we can't load the PEB
573 //
574 _SEH2_TRY
575 {
576 //
577 // Initialize the PEB
578 //
579 RtlZeroMemory(Peb, sizeof(PEB));
580
581 //
582 // Set up data
583 //
584 Peb->ImageBaseAddress = Process->SectionBaseAddress;
585 Peb->InheritedAddressSpace = InitialPeb->InheritedAddressSpace;
586 Peb->Mutant = InitialPeb->Mutant;
587 Peb->ImageUsesLargePages = InitialPeb->ImageUsesLargePages;
588
589 //
590 // NLS
591 //
592 Peb->AnsiCodePageData = (PCHAR)TableBase + ExpAnsiCodePageDataOffset;
593 Peb->OemCodePageData = (PCHAR)TableBase + ExpOemCodePageDataOffset;
594 Peb->UnicodeCaseTableData = (PCHAR)TableBase + ExpUnicodeCaseTableDataOffset;
595
596 //
597 // Default Version Data (could get changed below)
598 //
599 Peb->OSMajorVersion = NtMajorVersion;
600 Peb->OSMinorVersion = NtMinorVersion;
601 Peb->OSBuildNumber = (USHORT)(NtBuildNumber & 0x3FFF);
602 Peb->OSPlatformId = VER_PLATFORM_WIN32_NT;
603 Peb->OSCSDVersion = (USHORT)CmNtCSDVersion;
604
605 //
606 // Heap and Debug Data
607 //
608 Peb->NumberOfProcessors = KeNumberProcessors;
609 Peb->ImageProcessAffinityMask = KeActiveProcessors;
610 Peb->BeingDebugged = (BOOLEAN)(Process->DebugPort != NULL);
611 Peb->NtGlobalFlag = NtGlobalFlag;
612 Peb->HeapSegmentReserve = MmHeapSegmentReserve;
613 Peb->HeapSegmentCommit = MmHeapSegmentCommit;
614 Peb->HeapDeCommitTotalFreeThreshold = MmHeapDeCommitTotalFreeThreshold;
615 Peb->HeapDeCommitFreeBlockThreshold = MmHeapDeCommitFreeBlockThreshold;
616 Peb->CriticalSectionTimeout = MmCriticalSectionTimeout;
617 Peb->MinimumStackCommit = MmMinimumStackCommitInBytes;
618 Peb->MaximumNumberOfHeaps = (PAGE_SIZE - sizeof(PEB)) / sizeof(PVOID);
619 Peb->ProcessHeaps = (PVOID*)(Peb + 1);
620
621 //
622 // Session ID
623 //
624 if (Process->Session) Peb->SessionId = MmGetSessionId(Process);
625 }
626 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
627 {
628 //
629 // Fail
630 //
631 KeDetachProcess();
632 _SEH2_YIELD(return _SEH2_GetExceptionCode());
633 }
634 _SEH2_END;
635
636 //
637 // Use SEH in case we can't load the image
638 //
639 _SEH2_TRY
640 {
641 //
642 // Get NT Headers
643 //
644 NtHeaders = RtlImageNtHeader(Peb->ImageBaseAddress);
645 Characteristics = NtHeaders->FileHeader.Characteristics;
646 }
647 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
648 {
649 //
650 // Fail
651 //
652 KeDetachProcess();
653 _SEH2_YIELD(return STATUS_INVALID_IMAGE_PROTECT);
654 }
655 _SEH2_END;
656
657 //
658 // Parse the headers
659 //
660 if (NtHeaders)
661 {
662 //
663 // Use SEH in case we can't load the headers
664 //
665 _SEH2_TRY
666 {
667 //
668 // Get the Image Config Data too
669 //
670 ImageConfigData = RtlImageDirectoryEntryToData(Peb->ImageBaseAddress,
671 TRUE,
672 IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG,
673 (PULONG)&ViewSize);
674 if (ImageConfigData)
675 {
676 //
677 // Probe it
678 //
679 ProbeForRead(ImageConfigData,
680 sizeof(IMAGE_LOAD_CONFIG_DIRECTORY),
681 sizeof(ULONG));
682 }
683
684 //
685 // Write subsystem data
686 //
687 Peb->ImageSubsystem = NtHeaders->OptionalHeader.Subsystem;
688 Peb->ImageSubsystemMajorVersion = NtHeaders->OptionalHeader.MajorSubsystemVersion;
689 Peb->ImageSubsystemMinorVersion = NtHeaders->OptionalHeader.MinorSubsystemVersion;
690
691 //
692 // Check for version data
693 //
694 if (NtHeaders->OptionalHeader.Win32VersionValue)
695 {
696 //
697 // Extract values and write them
698 //
699 Peb->OSMajorVersion = NtHeaders->OptionalHeader.Win32VersionValue & 0xFF;
700 Peb->OSMinorVersion = (NtHeaders->OptionalHeader.Win32VersionValue >> 8) & 0xFF;
701 Peb->OSBuildNumber = (NtHeaders->OptionalHeader.Win32VersionValue >> 16) & 0x3FFF;
702 Peb->OSPlatformId = (NtHeaders->OptionalHeader.Win32VersionValue >> 30) ^ 2;
703
704 /* Process CSD version override */
705 if ((ImageConfigData) && (ImageConfigData->CSDVersion))
706 {
707 /* Take the value from the image configuration directory */
708 Peb->OSCSDVersion = ImageConfigData->CSDVersion;
709 }
710 }
711
712 /* Process optional process affinity mask override */
713 if ((ImageConfigData) && (ImageConfigData->ProcessAffinityMask))
714 {
715 /* Take the value from the image configuration directory */
716 Peb->ImageProcessAffinityMask = ImageConfigData->ProcessAffinityMask;
717 }
718
719 //
720 // Check if this is a UP image
721 if (Characteristics & IMAGE_FILE_UP_SYSTEM_ONLY)
722 {
723 //
724 // Set single processor rotating affinity.
725 // See https://www.microsoftpressstore.com/articles/article.aspx?p=2233328&seqNum=3
726 //
727 Peb->ImageProcessAffinityMask = AFFINITY_MASK(MmRotatingUniprocessorNumber);
728 ASSERT(Peb->ImageProcessAffinityMask & KeActiveProcessors);
729 MmRotatingUniprocessorNumber = (MmRotatingUniprocessorNumber + 1) % KeNumberProcessors;
730 }
731 }
732 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
733 {
734 //
735 // Fail
736 //
737 KeDetachProcess();
738 _SEH2_YIELD(return STATUS_INVALID_IMAGE_PROTECT);
739 }
740 _SEH2_END;
741 }
742
743 //
744 // Detach from the Process
745 //
746 KeDetachProcess();
747 *BasePeb = Peb;
748 return STATUS_SUCCESS;
749}
MmHeapSegmentReserve
SIZE_T MmHeapSegmentReserve
Definition: mminit.c:366
MmHeapDeCommitFreeBlockThreshold
SIZE_T MmHeapDeCommitFreeBlockThreshold
Definition: mminit.c:369
MmHeapDeCommitTotalFreeThreshold
SIZE_T MmHeapDeCommitTotalFreeThreshold
Definition: mminit.c:368
MmHeapSegmentCommit
SIZE_T MmHeapSegmentCommit
Definition: mminit.c:367
PEB
struct _PEB PEB
PAGE_READONLY
#define PAGE_READONLY
Definition: compat.h:138
RtlImageDirectoryEntryToData
#define RtlImageDirectoryEntryToData
Definition: compat.h:809
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Definition: compat.h:153
RtlImageNtHeader
#define RtlImageNtHeader
Definition: compat.h:806
Peb
PPEB Peb
Definition: dllmain.c:27
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
MmMinimumStackCommitInBytes
SIZE_T MmMinimumStackCommitInBytes
Definition: mminit.c:370
MmCriticalSectionTimeout
LARGE_INTEGER MmCriticalSectionTimeout
Definition: mminit.c:388
PCHAR
#define PCHAR
Definition: match.c:90
AFFINITY_MASK
FORCEINLINE KAFFINITY AFFINITY_MASK(ULONG Index)
Definition: kefuncs.h:39
SectionOffset
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER SectionOffset
Definition: mmfuncs.h:407
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:408
VER_PLATFORM_WIN32_NT
#define VER_PLATFORM_WIN32_NT
Definition: rtltypes.h:238
ViewShare
@ ViewShare
Definition: nt_native.h:1278
ExpOemCodePageDataOffset
ULONG ExpOemCodePageDataOffset
Definition: init.c:86
NtMajorVersion
ULONG NtMajorVersion
Definition: init.c:45
ExpUnicodeCaseTableDataOffset
ULONG ExpUnicodeCaseTableDataOffset
Definition: init.c:87
NtGlobalFlag
ULONG NtGlobalFlag
Definition: init.c:54
ExpNlsSectionPointer
PVOID ExpNlsSectionPointer
Definition: init.c:90
ExpAnsiCodePageDataOffset
ULONG ExpAnsiCodePageDataOffset
Definition: init.c:86
NtMinorVersion
ULONG NtMinorVersion
Definition: init.c:46
CmNtCSDVersion
ULONG CmNtCSDVersion
Definition: init.c:59
KeActiveProcessors
KAFFINITY KeActiveProcessors
Definition: processor.c:16
MmGetSessionId
ULONG NTAPI MmGetSessionId(IN PEPROCESS Process)
Definition: session.c:179
KeNumberProcessors
CCHAR KeNumberProcessors
Definition: processor.c:19
MmRotatingUniprocessorNumber
ULONG MmRotatingUniprocessorNumber
Definition: procsup.c:23
MiCreatePebOrTeb
NTSTATUS NTAPI MiCreatePebOrTeb(IN PEPROCESS Process, IN ULONG Size, OUT PULONG_PTR BaseAddress)
Definition: procsup.c:29
STATUS_INVALID_IMAGE_PROTECT
#define STATUS_INVALID_IMAGE_PROTECT
Definition: ntstatus.h:540
BOOLEAN
#define BOOLEAN
Definition: pedump.c:73
USHORT
unsigned short USHORT
Definition: pedump.c:61
IMAGE_FILE_UP_SYSTEM_ONLY
#define IMAGE_FILE_UP_SYSTEM_ONLY
Definition: pedump.c:170
KeDetachProcess
VOID NTAPI KeDetachProcess(VOID)
Definition: procobj.c:621
KeAttachProcess
VOID NTAPI KeAttachProcess(IN PKPROCESS Process)
Definition: procobj.c:582
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:181
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:184
MmMapViewOfSection
NTSTATUS NTAPI MmMapViewOfSection(IN PVOID SectionObject, IN PEPROCESS Process, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:4009
DPRINT
#define DPRINT
Definition: sndvol32.h:73
NtBuildNumber
ULONG NtBuildNumber
Definition: init.c:50
IMAGE_LOAD_CONFIG_DIRECTORY32
Definition: ntimage.h:105
IMAGE_LOAD_CONFIG_DIRECTORY32::ProcessAffinityMask
ULONG ProcessAffinityMask
Definition: ntimage.h:119
IMAGE_LOAD_CONFIG_DIRECTORY32::CSDVersion
USHORT CSDVersion
Definition: ntimage.h:120
_EPROCESS
Definition: pstypes.h:1262
_IMAGE_FILE_HEADER::Characteristics
WORD Characteristics
Definition: ntddk_ex.h:128
_IMAGE_NT_HEADERS
Definition: ntddk_ex.h:181
_IMAGE_NT_HEADERS::OptionalHeader
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
_IMAGE_NT_HEADERS::FileHeader
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
_IMAGE_OPTIONAL_HEADER::Win32VersionValue
DWORD Win32VersionValue
Definition: ntddk_ex.h:166
_IMAGE_OPTIONAL_HEADER::Subsystem
WORD Subsystem
Definition: ntddk_ex.h:170
_IMAGE_OPTIONAL_HEADER::MajorSubsystemVersion
WORD MajorSubsystemVersion
Definition: ntddk_ex.h:164
_IMAGE_OPTIONAL_HEADER::MinorSubsystemVersion
WORD MinorSubsystemVersion
Definition: ntddk_ex.h:165
_PEB::HeapDeCommitTotalFreeThreshold
ULONG HeapDeCommitTotalFreeThreshold
Definition: ntddk_ex.h:277
_PEB::HeapSegmentCommit
ULONG HeapSegmentCommit
Definition: ntddk_ex.h:276
_PEB::ImageSubsystem
ULONG ImageSubsystem
Definition: ntddk_ex.h:304
_PEB::NumberOfProcessors
ULONG NumberOfProcessors
Definition: ntddk_ex.h:269
_PEB::ImageProcessAffinityMask
ULONG ImageProcessAffinityMask
Definition: ntddk_ex.h:307
_PEB::ImageBaseAddress
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
_PEB::SessionId
ULONG SessionId
Definition: btrfs_drv.h:1919
_PEB::CriticalSectionTimeout
LARGE_INTEGER CriticalSectionTimeout
Definition: ntddk_ex.h:274
_PEB::MaximumNumberOfHeaps
ULONG MaximumNumberOfHeaps
Definition: ntddk_ex.h:287
_PEB::OSMinorVersion
ULONG OSMinorVersion
Definition: ntddk_ex.h:301
_PEB::ProcessHeaps
PVOID * ProcessHeaps
Definition: ntddk_ex.h:288
_PEB::HeapSegmentReserve
ULONG HeapSegmentReserve
Definition: ntddk_ex.h:275
_PEB::AnsiCodePageData
PVOID AnsiCodePageData
Definition: ntddk_ex.h:264
_PEB::ImageSubsystemMinorVersion
ULONG ImageSubsystemMinorVersion
Definition: ntddk_ex.h:306
_PEB::BeingDebugged
BYTE BeingDebugged
Definition: btrfs_drv.h:1909
_PEB::MinimumStackCommit
SIZE_T MinimumStackCommit
Definition: winternl.h:358
_PEB::Mutant
HANDLE Mutant
Definition: ntddk_ex.h:243
_PEB::OSMajorVersion
ULONG OSMajorVersion
Definition: ntddk_ex.h:300
_PEB::OSBuildNumber
ULONG OSBuildNumber
Definition: ntddk_ex.h:302
_PEB::OemCodePageData
PVOID OemCodePageData
Definition: ntddk_ex.h:265
_PEB::NtGlobalFlag
ULONG NtGlobalFlag
Definition: ntddk_ex.h:270
_PEB::InheritedAddressSpace
BOOLEAN InheritedAddressSpace
Definition: ntddk_ex.h:239
_PEB::ImageSubsystemMajorVersion
ULONG ImageSubsystemMajorVersion
Definition: ntddk_ex.h:305
_PEB::OSPlatformId
ULONG OSPlatformId
Definition: ntddk_ex.h:303
_PEB::HeapDeCommitFreeBlockThreshold
ULONG HeapDeCommitFreeBlockThreshold
Definition: ntddk_ex.h:278
_PEB::UnicodeCaseTableData
PVOID UnicodeCaseTableData
Definition: ntddk_ex.h:266
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
PVOID
void * PVOID
Definition: typedefs.h:50
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67

Referenced by PspCreateProcess().

◆ MmCreateProcessAddressSpace()

BOOLEAN NTAPI MmCreateProcessAddressSpace ( IN ULONG  MinWs,
IN PEPROCESS  Process,
OUT PULONG_PTR  DirectoryTableBase 
)

Definition at line 1161 of file procsup.c.

1164{
1165 KIRQL OldIrql;
1166 PFN_NUMBER TableBaseIndex, HyperIndex, WsListIndex;
1167 ULONG Color;
1168
1169 /* Make sure we don't already have a page directory setup */
1170 ASSERT(Process->Pcb.DirectoryTableBase[0] == 0);
1171 ASSERT(Process->Pcb.DirectoryTableBase[1] == 0);
1172 ASSERT(Process->WorkingSetPage == 0);
1173
1174 /* Choose a process color */
1175 Process->NextPageColor = (USHORT)RtlRandom(&MmProcessColorSeed);
1176
1177 /* Setup the hyperspace lock */
1178 KeInitializeSpinLock(&Process->HyperSpaceLock);
1179
1180 /* Lock PFN database */
1181 OldIrql = MiAcquirePfnLock();
1182
1183 /*
1184 * Get a page for the table base, one for hyper space & one for the working set list.
1185 * The PFNs for these pages will be initialized in MmInitializeProcessAddressSpace,
1186 * when we are already attached to the process.
1187 * The other pages (if any) are allocated in the arch-specific part.
1188 */
1189 Color = MI_GET_NEXT_PROCESS_COLOR(Process);
1190 MI_SET_USAGE(MI_USAGE_PAGE_DIRECTORY);
1191 TableBaseIndex = MiRemoveZeroPageSafe(Color);
1192 if (!TableBaseIndex)
1193 {
1194 /* No zero pages, grab a free one */
1195 TableBaseIndex = MiRemoveAnyPage(Color);
1196
1197 /* Zero it outside the PFN lock */
1198 MiReleasePfnLock(OldIrql);
1199 MiZeroPhysicalPage(TableBaseIndex);
1200 OldIrql = MiAcquirePfnLock();
1201 }
1202 MI_SET_USAGE(MI_USAGE_PAGE_DIRECTORY);
1203 Color = MI_GET_NEXT_PROCESS_COLOR(Process);
1204 HyperIndex = MiRemoveZeroPageSafe(Color);
1205 if (!HyperIndex)
1206 {
1207 /* No zero pages, grab a free one */
1208 HyperIndex = MiRemoveAnyPage(Color);
1209
1210 /* Zero it outside the PFN lock */
1211 MiReleasePfnLock(OldIrql);
1212 MiZeroPhysicalPage(HyperIndex);
1213 OldIrql = MiAcquirePfnLock();
1214 }
1215 MI_SET_USAGE(MI_USAGE_PAGE_TABLE);
1216 Color = MI_GET_NEXT_PROCESS_COLOR(Process);
1217 WsListIndex = MiRemoveZeroPageSafe(Color);
1218 if (!WsListIndex)
1219 {
1220 /* No zero pages, grab a free one */
1221 WsListIndex = MiRemoveAnyPage(Color);
1222
1223 /* Zero it outside the PFN lock */
1224 MiReleasePfnLock(OldIrql);
1225 MiZeroPhysicalPage(WsListIndex);
1226 }
1227 else
1228 {
1229 /* Release the PFN lock */
1230 MiReleasePfnLock(OldIrql);
1231 }
1232
1233 /* Set the base directory pointers */
1234 Process->WorkingSetPage = WsListIndex;
1235 DirectoryTableBase[0] = TableBaseIndex << PAGE_SHIFT;
1236 DirectoryTableBase[1] = HyperIndex << PAGE_SHIFT;
1237
1238 /* Perform the arch-specific parts */
1239 if (!MiArchCreateProcessAddressSpace(Process, DirectoryTableBase))
1240 {
1241 OldIrql = MiAcquirePfnLock();
1242 MiInsertPageInFreeList(WsListIndex);
1243 MiInsertPageInFreeList(HyperIndex);
1244 MiInsertPageInFreeList(TableBaseIndex);
1245 MiReleasePfnLock(OldIrql);
1246 Process->WorkingSetPage = 0;
1247 DirectoryTableBase[0] = 0;
1248 DirectoryTableBase[1] = 0;
1249 return FALSE;
1250 }
1251
1252 /* Switch to phase 1 initialization */
1253 ASSERT(Process->AddressSpaceInitialized == 0);
1254 Process->AddressSpaceInitialized = 1;
1255
1256 /* Add the process to the session */
1257 MiSessionAddProcess(Process);
1258 return TRUE;
1259}
KeInitializeSpinLock
#define KeInitializeSpinLock(sl)
Definition: env_spec_w32.h:604
MiSessionAddProcess
VOID NTAPI MiSessionAddProcess(IN PEPROCESS NewProcess)
Definition: session.c:423
MiInsertPageInFreeList
VOID NTAPI MiInsertPageInFreeList(IN PFN_NUMBER PageFrameIndex)
Definition: pfnlist.c:611
MI_GET_NEXT_PROCESS_COLOR
#define MI_GET_NEXT_PROCESS_COLOR(x)
Definition: miarm.h:237
MiRemoveZeroPageSafe
FORCEINLINE PFN_NUMBER MiRemoveZeroPageSafe(IN ULONG Color)
Definition: miarm.h:2409
RtlRandom
NTSYSAPI ULONG NTAPI RtlRandom(_Inout_ PULONG Seed)
MiZeroPhysicalPage
VOID NTAPI MiZeroPhysicalPage(IN PFN_NUMBER PageFrameIndex)
Definition: pfnlist.c:122
MI_USAGE_PAGE_TABLE
@ MI_USAGE_PAGE_TABLE
Definition: mm.h:345
MI_USAGE_PAGE_DIRECTORY
@ MI_USAGE_PAGE_DIRECTORY
Definition: mm.h:346
MiArchCreateProcessAddressSpace
BOOLEAN MiArchCreateProcessAddressSpace(_In_ PEPROCESS Process, _In_ PULONG_PTR DirectoryTableBase)
Definition: procsup.c:21
MmProcessColorSeed
ULONG MmProcessColorSeed
Definition: procsup.c:20

◆ MmCreateTeb()

NTSTATUS NTAPI MmCreateTeb ( IN PEPROCESS  Process,
IN PCLIENT_ID  ClientId,
IN PINITIAL_TEB  InitialTeb,
OUT PTEB BaseTeb 
)

Definition at line 753 of file procsup.c.

757{
758 PTEB Teb;
759 NTSTATUS Status = STATUS_SUCCESS;
760 *BaseTeb = NULL;
761
762 //
763 // Attach to Target
764 //
765 KeAttachProcess(&Process->Pcb);
766
767 //
768 // Allocate the TEB
769 //
770 Status = MiCreatePebOrTeb(Process, sizeof(TEB), (PULONG_PTR)&Teb);
771 if (!NT_SUCCESS(Status))
772 {
773 /* Cleanup and exit */
774 KeDetachProcess();
775 return Status;
776 }
777
778 //
779 // Use SEH in case we can't load the TEB
780 //
781 _SEH2_TRY
782 {
783 //
784 // Initialize the PEB
785 //
786 RtlZeroMemory(Teb, sizeof(TEB));
787
788 //
789 // Set TIB Data
790 //
791#ifdef _M_AMD64
792 Teb->NtTib.ExceptionList = NULL;
793#else
794 Teb->NtTib.ExceptionList = EXCEPTION_CHAIN_END;
795#endif
796 Teb->NtTib.Self = (PNT_TIB)Teb;
797
798 //
799 // Identify this as an OS/2 V3.0 ("Cruiser") TIB
800 //
801 Teb->NtTib.Version = 30 << 8;
802
803 //
804 // Set TEB Data
805 //
806 Teb->ClientId = *ClientId;
807 Teb->RealClientId = *ClientId;
808 Teb->ProcessEnvironmentBlock = Process->Peb;
809 Teb->CurrentLocale = PsDefaultThreadLocaleId;
810
811 //
812 // Check if we have a grandparent TEB
813 //
814 if ((InitialTeb->PreviousStackBase == NULL) &&
815 (InitialTeb->PreviousStackLimit == NULL))
816 {
817 //
818 // Use initial TEB values
819 //
820 Teb->NtTib.StackBase = InitialTeb->StackBase;
821 Teb->NtTib.StackLimit = InitialTeb->StackLimit;
822 Teb->DeallocationStack = InitialTeb->AllocatedStackBase;
823 }
824 else
825 {
826 //
827 // Use grandparent TEB values
828 //
829 Teb->NtTib.StackBase = InitialTeb->PreviousStackBase;
830 Teb->NtTib.StackLimit = InitialTeb->PreviousStackLimit;
831 }
832
833 //
834 // Initialize the static unicode string
835 //
836 Teb->StaticUnicodeString.MaximumLength = sizeof(Teb->StaticUnicodeBuffer);
837 Teb->StaticUnicodeString.Buffer = Teb->StaticUnicodeBuffer;
838 }
839 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
840 {
841 //
842 // Get error code
843 //
844 Status = _SEH2_GetExceptionCode();
845 }
846 _SEH2_END;
847
848 //
849 // Return
850 //
851 KeDetachProcess();
852 *BaseTeb = Teb;
853 return Status;
854}
PNT_TIB
struct _NT_TIB * PNT_TIB
EXCEPTION_CHAIN_END
#define EXCEPTION_CHAIN_END
Definition: rtltypes.h:63
PsDefaultThreadLocaleId
LCID PsDefaultThreadLocaleId
Definition: locale.c:24
_NT_TIB::Self
struct _NT_TIB * Self
Definition: compat.h:720
_NT_TIB::StackLimit
PVOID StackLimit
Definition: compat.h:713
_NT_TIB::Version
DWORD Version
Definition: compat.h:717
_NT_TIB::StackBase
PVOID StackBase
Definition: compat.h:712
_NT_TIB::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: compat.h:711
_TEB::StaticUnicodeBuffer
WCHAR StaticUnicodeBuffer[261]
Definition: compat.h:877
_TEB::CurrentLocale
ULONG CurrentLocale
Definition: compat.h:849
_TEB::NtTib
NT_TIB NtTib
Definition: ntddk_ex.h:332
_TEB::StaticUnicodeString
UNICODE_STRING StaticUnicodeString
Definition: compat.h:876
_TEB::ClientId
CLIENT_ID ClientId
Definition: compat.h:839
_TEB::RealClientId
CLIENT_ID RealClientId
Definition: compat.h:861
_TEB::ProcessEnvironmentBlock
PPEB ProcessEnvironmentBlock
Definition: ntddk_ex.h:337
_TEB::DeallocationStack
PVOID DeallocationStack
Definition: compat.h:878
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
ClientId
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151

Referenced by PspCreateThread().

◆ MmDeleteKernelStack()

VOID NTAPI MmDeleteKernelStack ( IN PVOID  StackBase,
IN BOOLEAN  GuiStack 
)

Definition at line 187 of file procsup.c.

189{
190 PMMPTE PointerPte;
191 PFN_NUMBER PageFrameNumber, PageTableFrameNumber;
192 PFN_COUNT StackPages;
193 PMMPFN Pfn1, Pfn2;
194 ULONG i;
195 KIRQL OldIrql;
196 PSLIST_ENTRY SListEntry;
197
198 //
199 // This should be the guard page, so decrement by one
200 //
201 PointerPte = MiAddressToPte(StackBase);
202 PointerPte--;
203
204 //
205 // If this is a small stack, just push the stack onto the dead stack S-LIST
206 //
207 if (!GuiStack)
208 {
209 if (ExQueryDepthSList(&MmDeadStackSListHead) < MmMaximumDeadKernelStacks)
210 {
211 SListEntry = ((PSLIST_ENTRY)StackBase) - 1;
212 InterlockedPushEntrySList(&MmDeadStackSListHead, SListEntry);
213 return;
214 }
215 }
216
217 //
218 // Calculate pages used
219 //
220 StackPages = BYTES_TO_PAGES(GuiStack ?
221 MmLargeStackSize : KERNEL_STACK_SIZE);
222
223 /* Acquire the PFN lock */
224 OldIrql = MiAcquirePfnLock();
225
226 //
227 // Loop them
228 //
229 for (i = 0; i < StackPages; i++)
230 {
231 //
232 // Check if this is a valid PTE
233 //
234 if (PointerPte->u.Hard.Valid == 1)
235 {
236 /* Get the PTE's page */
237 PageFrameNumber = PFN_FROM_PTE(PointerPte);
238 Pfn1 = MiGetPfnEntry(PageFrameNumber);
239
240 /* Now get the page of the page table mapping it */
241 PageTableFrameNumber = Pfn1->u4.PteFrame;
242 Pfn2 = MiGetPfnEntry(PageTableFrameNumber);
243
244 /* Remove a shared reference, since the page is going away */
245 MiDecrementShareCount(Pfn2, PageTableFrameNumber);
246
247 /* Set the special pending delete marker */
248 MI_SET_PFN_DELETED(Pfn1);
249
250 /* And now delete the actual stack page */
251 MiDecrementShareCount(Pfn1, PageFrameNumber);
252 }
253
254 //
255 // Next one
256 //
257 PointerPte--;
258 }
259
260 //
261 // We should be at the guard page now
262 //
263 ASSERT(PointerPte->u.Hard.Valid == 0);
264
265 /* Release the PFN lock */
266 MiReleasePfnLock(OldIrql);
267
268 //
269 // Release the PTEs
270 //
271 MiReleaseSystemPtes(PointerPte, StackPages + 1, SystemPteSpace);
272}
MI_SET_PFN_DELETED
#define MI_SET_PFN_DELETED(x)
Definition: miarm.h:208
MiReleaseSystemPtes
VOID NTAPI MiReleaseSystemPtes(IN PMMPTE StartingPte, IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
Definition: syspte.c:264
MiDecrementShareCount
VOID NTAPI MiDecrementShareCount(IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
Definition: pfnlist.c:1141
MiAddressToPte
#define MiAddressToPte(x)
Definition: mmx86.c:19
PFN_FROM_PTE
#define PFN_FROM_PTE(v)
Definition: mm.h:92
MiGetPfnEntry
FORCEINLINE PMMPFN MiGetPfnEntry(IN PFN_NUMBER Pfn)
Definition: mm.h:1047
MmMaximumDeadKernelStacks
ULONG MmMaximumDeadKernelStacks
Definition: procsup.c:21
_MMPFN
Definition: mm.h:391
_MMPFN::u4
union _MMPFN::@1847 u4
_MMPFN::PteFrame
ULONG_PTR PteFrame
Definition: mm.h:438
_MMPTE_HARDWARE::Valid
ULONG64 Valid
Definition: mmtypes.h:150
_MMPTE::u
union _MMPTE::@2423 u
_MMPTE::Hard
MMPTE_HARDWARE Hard
Definition: mmtypes.h:217
InterlockedPushEntrySList
#define InterlockedPushEntrySList(SListHead, SListEntry)
Definition: rtlfuncs.h:3406

◆ MmDeleteProcessAddressSpace()

VOID NTAPI MmDeleteProcessAddressSpace ( IN PEPROCESS  Process)

Definition at line 1357 of file procsup.c.

1358{
1359 PMMPFN Pfn1, Pfn2;
1360 KIRQL OldIrql;
1361 PFN_NUMBER PageFrameIndex;
1362
1363#ifndef _M_AMD64
1364 OldIrql = MiAcquireExpansionLock();
1365 RemoveEntryList(&Process->MmProcessLinks);
1366 MiReleaseExpansionLock(OldIrql);
1367#endif
1368
1369 //ASSERT(Process->CommitCharge == 0);
1370
1371 /* Remove us from the list */
1372 OldIrql = MiAcquireExpansionLock();
1373 if (Process->Vm.WorkingSetExpansionLinks.Flink != NULL)
1374 RemoveEntryList(&Process->Vm.WorkingSetExpansionLinks);
1375 MiReleaseExpansionLock(OldIrql);
1376
1377 /* Acquire the PFN lock */
1378 OldIrql = MiAcquirePfnLock();
1379
1380 /* Check for fully initialized process */
1381 if (Process->AddressSpaceInitialized == 2)
1382 {
1383 /* Map the working set page and its page table */
1384 Pfn1 = MiGetPfnEntry(Process->WorkingSetPage);
1385 Pfn2 = MiGetPfnEntry(Pfn1->u4.PteFrame);
1386
1387 /* Nuke it */
1388 MI_SET_PFN_DELETED(Pfn1);
1389 MiDecrementShareCount(Pfn2, Pfn1->u4.PteFrame);
1390 MiDecrementShareCount(Pfn1, Process->WorkingSetPage);
1391 ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
1392
1393 /* Now map hyperspace and its page table */
1394 PageFrameIndex = Process->Pcb.DirectoryTableBase[1] >> PAGE_SHIFT;
1395 Pfn1 = MiGetPfnEntry(PageFrameIndex);
1396 Pfn2 = MiGetPfnEntry(Pfn1->u4.PteFrame);
1397
1398 /* Nuke it */
1399 MI_SET_PFN_DELETED(Pfn1);
1400 MiDecrementShareCount(Pfn2, Pfn1->u4.PteFrame);
1401 MiDecrementShareCount(Pfn1, PageFrameIndex);
1402 ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
1403
1404 /* Finally, nuke the PDE itself */
1405 PageFrameIndex = Process->Pcb.DirectoryTableBase[0] >> PAGE_SHIFT;
1406 Pfn1 = MiGetPfnEntry(PageFrameIndex);
1407 MI_SET_PFN_DELETED(Pfn1);
1408 MiDecrementShareCount(Pfn1, PageFrameIndex);
1409 MiDecrementShareCount(Pfn1, PageFrameIndex);
1410
1411 /* Page table is now dead. Bye bye... */
1412 ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
1413 }
1414 else
1415 {
1416 DPRINT1("Deleting partially initialized address space of Process %p. Might leak resources.\n",
1417 Process);
1418 }
1419
1420 /* Release the PFN lock */
1421 MiReleasePfnLock(OldIrql);
1422
1423 /* Drop a reference on the session */
1424 if (Process->Session) MiReleaseProcessReferenceToSessionDataPage(Process->Session);
1425
1426 /* Clear out the PDE pages */
1427 Process->Pcb.DirectoryTableBase[0] = 0;
1428 Process->Pcb.DirectoryTableBase[1] = 0;
1429}
RemoveEntryList
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
MiAcquireExpansionLock
FORCEINLINE KIRQL MiAcquireExpansionLock(VOID)
Definition: miarm.h:1534
MiReleaseProcessReferenceToSessionDataPage
VOID NTAPI MiReleaseProcessReferenceToSessionDataPage(IN PMM_SESSION_SPACE SessionGlobal)
Definition: session.c:209
MiReleaseExpansionLock
FORCEINLINE VOID MiReleaseExpansionLock(KIRQL OldIrql)
Definition: miarm.h:1547
_MMPFNENTRY::WriteInProgress
USHORT WriteInProgress
Definition: mm.h:373
_MMPFN::e2
struct _MMPFN::@1844::@1850 e2
_MMPFN::e1
MMPFNENTRY e1
Definition: mm.h:414
_MMPFN::u3
union _MMPFN::@1844 u3

Referenced by PspDeleteProcess().

◆ MmDeleteTeb()

VOID NTAPI MmDeleteTeb ( IN PEPROCESS  Process,
IN PTEB  Teb 
)

Definition at line 122 of file procsup.c.

124{
125 ULONG_PTR TebEnd;
126 PETHREAD Thread = PsGetCurrentThread();
127 PMMVAD Vad;
128 PMM_AVL_TABLE VadTree = &Process->VadRoot;
129 DPRINT("Deleting TEB: %p in %16s\n", Teb, Process->ImageFileName);
130
131 /* TEB is one page */
132 TebEnd = (ULONG_PTR)Teb + ROUND_TO_PAGES(sizeof(TEB)) - 1;
133
134 /* Attach to the process */
135 KeAttachProcess(&Process->Pcb);
136
137 /* Lock the process address space */
138 KeAcquireGuardedMutex(&Process->AddressCreationLock);
139
140 /* Find the VAD, make sure it's a TEB VAD */
141 Vad = MiLocateAddress(Teb);
142 DPRINT("Removing node for VAD: %lx %lx\n", Vad->StartingVpn, Vad->EndingVpn);
143 ASSERT(Vad != NULL);
144 if (Vad->StartingVpn != ((ULONG_PTR)Teb >> PAGE_SHIFT))
145 {
146 /* Bug in the AVL code? */
147 DPRINT1("Corrupted VAD!\n");
148 }
149 else
150 {
151 /* Sanity checks for a valid TEB VAD */
152 ASSERT((Vad->StartingVpn == ((ULONG_PTR)Teb >> PAGE_SHIFT) &&
153 (Vad->EndingVpn == (TebEnd >> PAGE_SHIFT))));
154 ASSERT(Vad->u.VadFlags.NoChange == TRUE);
155 ASSERT(Vad->u2.VadFlags2.OneSecured == TRUE);
156 ASSERT(Vad->u2.VadFlags2.MultipleSecured == FALSE);
157
158 /* Lock the working set */
159 MiLockProcessWorkingSetUnsafe(Process, Thread);
160
161 /* Remove this VAD from the tree */
162 ASSERT(VadTree->NumberGenericTableElements >= 1);
163 MiRemoveNode((PMMADDRESS_NODE)Vad, VadTree);
164
165 /* Delete the pages */
166 MiDeleteVirtualAddresses((ULONG_PTR)Teb, TebEnd, NULL);
167
168 /* Release the working set */
169 MiUnlockProcessWorkingSetUnsafe(Process, Thread);
170
171 /* Remove the VAD */
172 ExFreePool(Vad);
173
174 /* Return the quota the VAD used */
175 PsReturnProcessNonPagedPoolQuota(Process, sizeof(MMVAD_LONG));
176 }
177
178 /* Release the address space lock */
179 KeReleaseGuardedMutex(&Process->AddressCreationLock);
180
181 /* Detach */
182 KeDetachProcess();
183}
KeReleaseGuardedMutex
VOID FASTCALL KeReleaseGuardedMutex(IN OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:53
KeAcquireGuardedMutex
VOID FASTCALL KeAcquireGuardedMutex(IN PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:42
MiLocateAddress
PMMVAD NTAPI MiLocateAddress(IN PVOID VirtualAddress)
_MMVAD_FLAGS2::MultipleSecured
ULONG MultipleSecured
Definition: mmtypes.h:709
_MMVAD::u2
union _MMVAD::@2713 u2
_MMVAD::VadFlags2
MMVAD_FLAGS2 VadFlags2
Definition: mmtypes.h:742

◆ MmGrowKernelStack()

NTSTATUS NTAPI MmGrowKernelStack ( IN PVOID  StackPointer)

Definition at line 477 of file procsup.c.

478{
479 //
480 // Call the extended version
481 //
482 return MmGrowKernelStackEx(StackPointer, KERNEL_LARGE_STACK_COMMIT);
483}
MmGrowKernelStackEx
NTSTATUS NTAPI MmGrowKernelStackEx(IN PVOID StackPointer, IN ULONG GrowSize)
Definition: procsup.c:389

Referenced by KiUserModeCallout().

◆ MmGrowKernelStackEx()

NTSTATUS NTAPI MmGrowKernelStackEx ( IN PVOID  StackPointer,
IN ULONG  GrowSize 
)

Definition at line 389 of file procsup.c.

391{
392 PKTHREAD Thread = KeGetCurrentThread();
393 PMMPTE LimitPte, NewLimitPte, LastPte;
394 KIRQL OldIrql;
395 MMPTE TempPte, InvalidPte;
396 PFN_NUMBER PageFrameIndex;
397
398 //
399 // Make sure the stack did not overflow
400 //
401 ASSERT(((ULONG_PTR)Thread->StackBase - (ULONG_PTR)Thread->StackLimit) <=
402 (MmLargeStackSize + PAGE_SIZE));
403
404 //
405 // Get the current stack limit
406 //
407 LimitPte = MiAddressToPte(Thread->StackLimit);
408 ASSERT(LimitPte->u.Hard.Valid == 1);
409
410 //
411 // Get the new one and make sure this isn't a retarded request
412 //
413 NewLimitPte = MiAddressToPte((PVOID)((ULONG_PTR)StackPointer - GrowSize));
414 if (NewLimitPte == LimitPte) return STATUS_SUCCESS;
415
416 //
417 // Now make sure you're not going past the reserved space
418 //
419 LastPte = MiAddressToPte((PVOID)((ULONG_PTR)Thread->StackBase -
420 MmLargeStackSize));
421 if (NewLimitPte < LastPte)
422 {
423 //
424 // Sorry!
425 //
426 return STATUS_STACK_OVERFLOW;
427 }
428
429 //
430 // Calculate the number of new pages
431 //
432 LimitPte--;
433
434 /* Setup the temporary invalid PTE */
435 MI_MAKE_SOFTWARE_PTE(&InvalidPte, MM_NOACCESS);
436
437 //
438 // Acquire the PFN DB lock
439 //
440 OldIrql = MiAcquirePfnLock();
441
442 //
443 // Loop each stack page
444 //
445 while (LimitPte >= NewLimitPte)
446 {
447 /* Get a page and write the current invalid PTE */
448 MI_SET_USAGE(MI_USAGE_KERNEL_STACK_EXPANSION);
449 MI_SET_PROCESS2(PsGetCurrentProcess()->ImageFileName);
450 PageFrameIndex = MiRemoveAnyPage(MI_GET_NEXT_COLOR());
451 MI_WRITE_INVALID_PTE(LimitPte, InvalidPte);
452
453 /* Initialize the PFN entry for this page */
454 MiInitializePfn(PageFrameIndex, LimitPte, 1);
455
456 /* Setup the template stack PTE */
457 MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte, LimitPte, MM_READWRITE, PageFrameIndex);
458
459 /* Write the valid PTE */
460 MI_WRITE_VALID_PTE(LimitPte--, TempPte);
461 }
462
463 //
464 // Release the PFN lock
465 //
466 MiReleasePfnLock(OldIrql);
467
468 //
469 // Set the new limit
470 //
471 Thread->StackLimit = (ULONG_PTR)MiPteToAddress(NewLimitPte);
472 return STATUS_SUCCESS;
473}
KeGetCurrentThread
#define KeGetCurrentThread
Definition: hal.h:55
MI_USAGE_KERNEL_STACK_EXPANSION
@ MI_USAGE_KERNEL_STACK_EXPANSION
Definition: mm.h:340
STATUS_STACK_OVERFLOW
#define STATUS_STACK_OVERFLOW
Definition: ntstatus.h:489
_KTHREAD
Definition: ketypes.h:1823

Referenced by MmGrowKernelStack().

◆ MmInitializeHandBuiltProcess()

NTSTATUS NTAPI MmInitializeHandBuiltProcess ( IN PEPROCESS  Process,
IN PULONG_PTR  DirectoryTableBase 
)

Definition at line 1127 of file procsup.c.

1129{
1130 /* Share the directory base with the idle process */
1131 DirectoryTableBase[0] = PsGetCurrentProcess()->Pcb.DirectoryTableBase[0];
1132 DirectoryTableBase[1] = PsGetCurrentProcess()->Pcb.DirectoryTableBase[1];
1133
1134 /* Initialize the Addresss Space */
1135 KeInitializeGuardedMutex(&Process->AddressCreationLock);
1136 KeInitializeSpinLock(&Process->HyperSpaceLock);
1137 Process->Vm.WorkingSetExpansionLinks.Flink = NULL;
1138 ASSERT(Process->VadRoot.NumberGenericTableElements == 0);
1139 Process->VadRoot.BalancedRoot.u1.Parent = &Process->VadRoot.BalancedRoot;
1140
1141 /* Use idle process Working set */
1142 Process->Vm.VmWorkingSetList = PsGetCurrentProcess()->Vm.VmWorkingSetList;
1143 Process->WorkingSetPage = PsGetCurrentProcess()->WorkingSetPage;
1144
1145 /* Done */
1146 Process->HasAddressSpace = TRUE;//??
1147 return STATUS_SUCCESS;
1148}
KeInitializeGuardedMutex
VOID FASTCALL KeInitializeGuardedMutex(OUT PKGUARDED_MUTEX GuardedMutex)
Definition: gmutex.c:31

Referenced by PspCreateProcess().

◆ MmInitializeHandBuiltProcess2()

NTSTATUS NTAPI MmInitializeHandBuiltProcess2 ( IN PEPROCESS  Process)

Definition at line 1153 of file procsup.c.

1154{
1155 /* Lock the VAD, ARM3-owned ranges away */
1156 return STATUS_SUCCESS;
1157}

Referenced by PspCreateProcess().

◆ MmInitializeProcessAddressSpace()

NTSTATUS NTAPI MmInitializeProcessAddressSpace ( IN PEPROCESS  Process,
IN PEPROCESS ProcessClone  OPTIONAL,
IN PVOID Section  OPTIONAL,
IN OUT PULONG  Flags,
IN POBJECT_NAME_INFORMATION *AuditName  OPTIONAL 
)

Definition at line 932 of file procsup.c.

937{
938 NTSTATUS Status = STATUS_SUCCESS;
939 SIZE_T ViewSize = 0;
940 PVOID ImageBase = 0;
941 PMMPTE PointerPte;
942 KIRQL OldIrql;
943 PMMPDE PointerPde;
944 PMMPFN Pfn;
945 PFN_NUMBER PageFrameNumber;
946 UNICODE_STRING FileName;
947 PWCHAR Source;
948 PCHAR Destination;
949 USHORT Length = 0;
950
951#if (_MI_PAGING_LEVELS >= 3)
952 PMMPPE PointerPpe;
953#endif
954#if (_MI_PAGING_LEVELS == 4)
955 PMMPXE PointerPxe;
956#endif
957
958 /* We should have a PDE */
959 ASSERT(Process->Pcb.DirectoryTableBase[0] != 0);
960 ASSERT(Process->PdeUpdateNeeded == FALSE);
961
962 /* Attach to the process */
963 KeAttachProcess(&Process->Pcb);
964
965 /* The address space should now been in phase 1 or 0 */
966 ASSERT(Process->AddressSpaceInitialized <= 1);
967 Process->AddressSpaceInitialized = 2;
968
969 /* Initialize the Addresss Space lock */
970 KeInitializeGuardedMutex(&Process->AddressCreationLock);
971 Process->Vm.WorkingSetExpansionLinks.Flink = NULL;
972
973 /* Initialize AVL tree */
974 ASSERT(Process->VadRoot.NumberGenericTableElements == 0);
975 Process->VadRoot.BalancedRoot.u1.Parent = &Process->VadRoot.BalancedRoot;
976
977 /* Lock our working set */
978 MiLockProcessWorkingSet(Process, PsGetCurrentThread());
979
980 /* Lock PFN database */
981 OldIrql = MiAcquirePfnLock();
982
983 /* Setup the PFN for the PDE base of this process */
984#if (_MI_PAGING_LEVELS == 4)
985 PointerPte = MiAddressToPte(PXE_BASE);
986#elif (_MI_PAGING_LEVELS == 3)
987 PointerPte = MiAddressToPte(PPE_BASE);
988#else
989 PointerPte = MiAddressToPte(PDE_BASE);
990#endif
991 PageFrameNumber = PFN_FROM_PTE(PointerPte);
992 ASSERT(Process->Pcb.DirectoryTableBase[0] == PageFrameNumber * PAGE_SIZE);
993 MiInitializePfn(PageFrameNumber, PointerPte, TRUE);
994
995 /* Do the same for hyperspace */
996 PointerPde = MiAddressToPde(HYPER_SPACE);
997 PageFrameNumber = PFN_FROM_PTE(PointerPde);
998 MiInitializePfn(PageFrameNumber, (PMMPTE)PointerPde, TRUE);
999#if (_MI_PAGING_LEVELS == 2)
1000 ASSERT(Process->Pcb.DirectoryTableBase[1] == PageFrameNumber * PAGE_SIZE);
1001#endif
1002
1003#if (_MI_PAGING_LEVELS >= 3)
1004 PointerPpe = MiAddressToPpe((PVOID)HYPER_SPACE);
1005 PageFrameNumber = PFN_FROM_PTE(PointerPpe);
1006 MiInitializePfn(PageFrameNumber, PointerPpe, TRUE);
1007#if (_MI_PAGING_LEVELS == 3)
1008 ASSERT(Process->Pcb.DirectoryTableBase[1] == PageFrameNumber * PAGE_SIZE);
1009#endif
1010#endif
1011#if (_MI_PAGING_LEVELS == 4)
1012 PointerPxe = MiAddressToPxe((PVOID)HYPER_SPACE);
1013 PageFrameNumber = PFN_FROM_PTE(PointerPxe);
1014 MiInitializePfn(PageFrameNumber, PointerPxe, TRUE);
1015 ASSERT(Process->Pcb.DirectoryTableBase[1] == PageFrameNumber * PAGE_SIZE);
1016#endif
1017
1018 /* Do the same for the Working set list */
1019 PointerPte = MiAddressToPte(MmWorkingSetList);
1020 PageFrameNumber = PFN_FROM_PTE(PointerPte);
1021 MiInitializePfn(PageFrameNumber, PointerPte, TRUE);
1022
1023 /* All our pages are now active & valid. Release the lock. */
1024 MiReleasePfnLock(OldIrql);
1025
1026 /* This should be in hyper space, but not in the mapping range */
1027 Process->Vm.VmWorkingSetList = MmWorkingSetList;
1028 ASSERT(((ULONG_PTR)MmWorkingSetList >= MI_MAPPING_RANGE_END) && ((ULONG_PTR)MmWorkingSetList <= HYPER_SPACE_END));
1029
1030 /* Now initialize the working set list */
1031 MiInitializeWorkingSetList(&Process->Vm);
1032
1033 /* The rule is that the owner process is always in the FLINK of the PDE's PFN entry */
1034 Pfn = MiGetPfnEntry(Process->Pcb.DirectoryTableBase[0] >> PAGE_SHIFT);
1035 ASSERT(Pfn->u4.PteFrame == MiGetPfnEntryIndex(Pfn));
1036 ASSERT(Pfn->u1.WsIndex == 0);
1037 Pfn->u1.Event = (PKEVENT)Process;
1038
1039 /* Sanity check */
1040 ASSERT(Process->PhysicalVadRoot == NULL);
1041
1042 /* Release the process working set */
1043 MiUnlockProcessWorkingSet(Process, PsGetCurrentThread());
1044
1045#ifdef _M_AMD64
1046 /* On x64 we need a VAD for the shared user page */
1047 Status = MiInsertSharedUserPageVad(Process);
1048 if (!NT_SUCCESS(Status))
1049 {
1050 DPRINT1("MiCreateSharedUserPageVad() failed: 0x%lx\n", Status);
1051 return Status;
1052 }
1053#endif
1054
1055 /* Check if there's a Section Object */
1056 if (Section)
1057 {
1058 /* Determine the image file name and save it to EPROCESS */
1059 PFILE_OBJECT FileObject = MmGetFileObjectForSection(Section);
1060 FileName = FileObject->FileName;
1061 Source = (PWCHAR)((PCHAR)FileName.Buffer + FileName.Length);
1062 if (FileName.Buffer)
1063 {
1064 /* Loop the file name*/
1065 while (Source > FileName.Buffer)
1066 {
1067 /* Make sure this isn't a backslash */
1068 if (*--Source == OBJ_NAME_PATH_SEPARATOR)
1069 {
1070 /* If so, stop it here */
1071 Source++;
1072 break;
1073 }
1074 else
1075 {
1076 /* Otherwise, keep going */
1077 Length++;
1078 }
1079 }
1080 }
1081
1082 /* Copy the to the process and truncate it to 15 characters if necessary */
1083 Destination = Process->ImageFileName;
1084 Length = min(Length, sizeof(Process->ImageFileName) - 1);
1085 while (Length--) *Destination++ = (UCHAR)*Source++;
1086 *Destination = ANSI_NULL;
1087
1088 /* Check if caller wants an audit name */
1089 if (AuditName)
1090 {
1091 /* Setup the audit name */
1092 Status = SeInitializeProcessAuditName(FileObject, FALSE, AuditName);
1093 if (!NT_SUCCESS(Status))
1094 {
1095 /* Fail */
1096 KeDetachProcess();
1097 return Status;
1098 }
1099 }
1100
1101 /* Map the section */
1102 Status = MmMapViewOfSection(Section,
1103 Process,
1104 (PVOID*)&ImageBase,
1105 0,
1106 0,
1107 NULL,
1108 &ViewSize,
1109 ViewUnmap,
1110 MEM_COMMIT,
1111 PAGE_READWRITE);
1112
1113 /* Save the pointer */
1114 Process->SectionBaseAddress = ImageBase;
1115 }
1116
1117 /* Be nice and detach */
1118 KeDetachProcess();
1119
1120 /* Return status to caller */
1121 return Status;
1122}
PDE_BASE
#define PDE_BASE
Definition: winldr.c:21
OBJ_NAME_PATH_SEPARATOR
#define OBJ_NAME_PATH_SEPARATOR
Definition: arcname_tests.c:25
PKEVENT
#define PKEVENT
Definition: env_spec_w32.h:70
FileName
struct _FileName FileName
Definition: fatprocs.h:897
MiUnlockProcessWorkingSet
FORCEINLINE VOID MiUnlockProcessWorkingSet(IN PEPROCESS Process, IN PETHREAD Thread)
Definition: miarm.h:1197
MiLockProcessWorkingSet
FORCEINLINE VOID MiLockProcessWorkingSet(IN PEPROCESS Process, IN PETHREAD Thread)
Definition: miarm.h:1127
MiAddressToPde
#define MiAddressToPde(x)
Definition: mmx86.c:20
min
#define min(a, b)
Definition: monoChain.cc:55
Source
_In_ UINT _In_ UINT _In_ PNDIS_PACKET Source
Definition: ndis.h:3169
Destination
_In_ PUNICODE_STRING _Inout_ PUNICODE_STRING Destination
Definition: rtlfuncs.h:3043
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304
ViewUnmap
@ ViewUnmap
Definition: nt_native.h:1279
MEM_COMMIT
#define MEM_COMMIT
Definition: nt_native.h:1313
ANSI_NULL
#define ANSI_NULL
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
MmWorkingSetList
PMMWSL MmWorkingSetList
Definition: wslist.cpp:19
HYPER_SPACE
#define HYPER_SPACE
Definition: mm.h:14
MI_MAPPING_RANGE_END
#define MI_MAPPING_RANGE_END
Definition: mm.h:48
HYPER_SPACE_END
#define HYPER_SPACE_END
Definition: mm.h:15
MiAddressToPpe
FORCEINLINE PMMPTE MiAddressToPpe(PVOID Address)
Definition: mm.h:161
MiAddressToPxe
FORCEINLINE PMMPTE MiAddressToPxe(PVOID Address)
Definition: mm.h:171
MmGetFileObjectForSection
PFILE_OBJECT NTAPI MmGetFileObjectForSection(IN PVOID Section)
Definition: section.c:1540
MiGetPfnEntryIndex
FORCEINLINE PFN_NUMBER MiGetPfnEntryIndex(IN PMMPFN Pfn1)
Definition: mm.h:1067
SeInitializeProcessAuditName
NTSTATUS NTAPI SeInitializeProcessAuditName(_In_ PFILE_OBJECT FileObject, _In_ BOOLEAN DoAudit, _Out_ POBJECT_NAME_INFORMATION *AuditInfo)
Initializes a process audit name and returns it to the caller.
Definition: audit.c:105
PXE_BASE
#define PXE_BASE
PPE_BASE
#define PPE_BASE
_FileName
Definition: filecomp.c:348
_MMPFN::u1
union _MMPFN::@1842 u1
_MMPFN::WsIndex
ULONG WsIndex
Definition: mm.h:395
_MMPFN::Event
PKEVENT Event
Definition: mm.h:396
_UNICODE_STRING
Definition: env_spec_w32.h:368
PWCHAR
uint16_t * PWCHAR
Definition: typedefs.h:56
PCHAR
char * PCHAR
Definition: typedefs.h:51
FileObject
_In_ WDFREQUEST _In_ WDFFILEOBJECT FileObject
Definition: wdfdevice.h:550
MiInitializeWorkingSetList
_Use_decl_annotations_ VOID NTAPI MiInitializeWorkingSetList(_Inout_ PMMSUPPORT WorkingSet)
Definition: wslist.cpp:369
PFILE_OBJECT
* PFILE_OBJECT
Definition: iotypes.h:1998
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181

◆ MmSetMemoryPriorityProcess()

NTSTATUS NTAPI MmSetMemoryPriorityProcess ( IN PEPROCESS  Process,
IN UCHAR  MemoryPriority 
)

Definition at line 487 of file procsup.c.

489{
490 UCHAR OldPriority;
491
492 //
493 // Check if we have less then 16MB of Physical Memory
494 //
495 if ((MmSystemSize == MmSmallSystem) &&
496 (MmNumberOfPhysicalPages < ((15 * 1024 * 1024) / PAGE_SIZE)))
497 {
498 //
499 // Always use background priority
500 //
501 MemoryPriority = MEMORY_PRIORITY_BACKGROUND;
502 }
503
504 //
505 // Save the old priority and update it
506 //
507 OldPriority = (UCHAR)Process->Vm.Flags.MemoryPriority;
508 Process->Vm.Flags.MemoryPriority = MemoryPriority;
509
510 //
511 // Return the old priority
512 //
513 return OldPriority;
514}
MEMORY_PRIORITY_BACKGROUND
#define MEMORY_PRIORITY_BACKGROUND
Definition: pstypes.h:125
MmSystemSize
MM_SYSTEMSIZE MmSystemSize
Definition: mminit.c:326
MmNumberOfPhysicalPages
PFN_COUNT MmNumberOfPhysicalPages
Definition: init.c:48
MmSmallSystem
@ MmSmallSystem
Definition: mmtypes.h:145

Referenced by NtSetInformationProcess(), and PspComputeQuantumAndPriority().

◆ NtAllocateUserPhysicalPages()

NTSTATUS NTAPI NtAllocateUserPhysicalPages ( IN HANDLE  ProcessHandle,
IN OUT PULONG_PTR  NumberOfPages,
IN OUT PULONG_PTR  UserPfnArray 
)

Definition at line 1436 of file procsup.c.

1439{
1440 UNIMPLEMENTED;
1441 return STATUS_NOT_IMPLEMENTED;
1442}
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: ntoskrnl.c:15
STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: d3dkmdt.h:42

Referenced by AllocateUserPhysicalPages().

◆ NtFreeUserPhysicalPages()

NTSTATUS NTAPI NtFreeUserPhysicalPages ( IN HANDLE  ProcessHandle,
IN OUT PULONG_PTR  NumberOfPages,
IN OUT PULONG_PTR  UserPfnArray 
)

Definition at line 1466 of file procsup.c.

1469{
1470 UNIMPLEMENTED;
1471 return STATUS_NOT_IMPLEMENTED;
1472}

Referenced by FreeUserPhysicalPages().

◆ NtMapUserPhysicalPages()

NTSTATUS NTAPI NtMapUserPhysicalPages ( IN PVOID  VirtualAddresses,
IN ULONG_PTR  NumberOfPages,
IN OUT PULONG_PTR  UserPfnArray 
)

Definition at line 1446 of file procsup.c.

1449{
1450 UNIMPLEMENTED;
1451 return STATUS_NOT_IMPLEMENTED;
1452}

Referenced by MapUserPhysicalPages().

◆ NtMapUserPhysicalPagesScatter()

NTSTATUS NTAPI NtMapUserPhysicalPagesScatter ( IN PVOID VirtualAddresses,
IN ULONG_PTR  NumberOfPages,
IN OUT PULONG_PTR  UserPfnArray 
)

Definition at line 1456 of file procsup.c.

1459{
1460 UNIMPLEMENTED;
1461 return STATUS_NOT_IMPLEMENTED;
1462}

Referenced by MapUserPhysicalPagesScatter().

Variable Documentation

◆ MmDeadStackSListHead

SLIST_HEADER MmDeadStackSListHead

Definition at line 22 of file procsup.c.

Referenced by MmArmInitSystem(), MmCreateKernelStack(), and MmDeleteKernelStack().

◆ MmMaximumDeadKernelStacks

ULONG MmMaximumDeadKernelStacks = 5

Definition at line 21 of file procsup.c.

Referenced by MmArmInitSystem(), and MmDeleteKernelStack().

◆ MmProcessColorSeed

ULONG MmProcessColorSeed = 0x12345678

Definition at line 20 of file procsup.c.

Referenced by MmCreateProcessAddressSpace().

◆ MmRotatingUniprocessorNumber

ULONG MmRotatingUniprocessorNumber = 0

Definition at line 23 of file procsup.c.

Referenced by MmCreatePeb().